Glossary

Every term used on MIR's public surface, defined in plain English. Last updated 2026-05-24.

Core concepts

MIR

Memory Infrastructure Registry. Participation history infrastructure for the internet. MIR records what entities (humans, employees, contractors, AI agents, and service accounts) have actually done over time, and surfaces that record as a signal at the moment of high-stakes decisions.

MIR is not an identity provider, a policy authority, or a scoring system. It is the evidence layer that sits underneath your existing authorization stack.

Participation history

The verifiable record of what an entity has actually done over time, expressed as structured events submitted by the systems that observed those actions (your application, your API, your fraud system). MIR stores and queries this record.

A new hire and a 10-year employee may have identical credentials and identical permissions. Their participation history is what tells them apart at the moment a high-stakes action is requested.

See also: Event, Tier, Evidence layer.

Evidence layer

MIR's position in your security architecture. Identity verification answers "who is this?" Policy authorization answers "what are they allowed to do?" The evidence layer answers "what have they actually done that earns the right to do this right now?"

The evidence layer does not make the final decision. It provides the behavioral input that authority and enforcement layers resolve against.

Authority boundary

The point in your system where an action is authorized or denied. MIR returns a recommendation before the boundary. The consuming system enforces the decision at the boundary. MIR does not enforce.

Policy engine

MIR's evaluation surface. Given an actor, an action, and optional context, the policy engine looks at the actor's accumulated participation history, applies the tier thresholds for the requested action, and returns a recommendation. The endpoint is POST /v1/policy/evaluate.

The policy engine is deterministic: no machine learning, no opaque scoring. Tier thresholds are event count plus history age. The reasoning behind any recommendation is human-readable via the whyRec field.

Decisions and recommendations

Recommendation (not decision)

MIR returns recommendations, not decisions. The consuming system makes the final call. This separation is load-bearing: it preserves the consuming system's autonomy and prevents MIR from becoming an unaccountable enforcement layer.

ALLOW

The actor's participation history supports the requested action at the requested tier. The consuming system may proceed without additional friction.

STEP_UP

The history is insufficient for this action without an additional check. The consuming system should require step-up authentication (manager approval, MFA, biometric, etc.) before proceeding. The recommendation does not specify which step-up method; that is the consuming system's choice.

LIMIT

The action may proceed but at reduced scope or with constraints (lower transaction limit, fewer records returned, no bulk operations). The consuming system applies the limit appropriate to the action.

DENY

The history is insufficient for this action. The consuming system should not proceed. The recommendation does not specify the user-facing message; that is the consuming system's choice.

Step-up authentication

An additional verification step the consuming system requires before proceeding with an action. MFA prompt, manager approval, biometric check, video verification, and so on. MIR's policy engine may recommend STEP_UP; the consuming system decides which step-up method to use.

Graduated trust

The principle behind tier-based recommendations: trust is not binary. An entity earns access to higher-risk actions by accumulating clean operational history over time. The opposite of binary trust (admin/not-admin, allowed/denied) and of opaque trust (machine-learning risk scores).

whyRec

A one-line human-readable explanation of why the recommendation was returned, included in every policy evaluation response and persisted in the audit record. Example: "sub-agent at tier 0, action requires tier 1, STEP_UP to authorizer." Designed so a reviewer can interpret historical decisions without contacting MIR.

Tiers and history

Tier

A discrete trust level (0, 1, 2, or 3) earned by an entity through accumulated clean participation history. Tier determines which actions are recommended for ALLOW versus STEP_UP, LIMIT, or DENY at the moment of evaluation.

Tier is computed at query time from the entity's event stream, not stored as a static rating. There is no machine learning, no opaque scoring, no risk model. The thresholds are public and unchanging.

Tier 0 is not a negative judgment. It means the entity has not yet accumulated history. New hires, freshly-provisioned agents, and newly-onboarded customers all start at tier 0.

Tier thresholds

The deterministic rules for tier assignment:

• Tier 0: 0 events, 0 days history
• Tier 1: 10+ events, 14+ days history
• Tier 2: 50+ events, 30+ days history (and, in cross-platform mode, events from 2+ partners)
• Tier 3: 200+ events, 90+ days history (and, in cross-platform mode, events from 3+ partners)

The thresholds are MIR-managed defaults. The per-action required tier is configured by the consuming organization in the policy engine.

Tier dormancy decay

Non-human entities (AI agents, service accounts) lose tier when inactive: 90-179 days dormant drops them one tier; 180+ days drops them to tier 0. Human entities do not decay -- a 3-month leave of absence should not reset earned trust. Decay is computed at query time and resets immediately when new events arrive. Sandbox events are exempt.

Partner diversity

A cross-platform tier requirement. To reach tier 2 in cross-platform mode, the entity needs events from 2+ different partners; tier 3 needs events from 3+ partners. This prevents a single partner from unilaterally promoting an entity to the highest tier across the network.

Intra-org mode has no partner diversity requirement -- a single organization can take its own entities to tier 3 on its own events.

Event density

The combined measure of event count and history age that determines tier. An entity with 200 events spread across 90 days is at tier 3; an entity with 200 events in 2 days is below tier 3 because the age threshold is not met. Density is the inverse insurance against gaming: tier requires both volume AND time.

Modes (intra-org and cross-platform)

Intra-org mode

An organization tracks its own entities (employees, contractors, AI agents, service accounts, vendors) inside its own environment. No network required, no other organizations involved. Immediate value, no waiting for ecosystem effects.

Intra-org tier uses the same event count and age thresholds as cross-platform tier, but has no partner diversity requirement.

Cross-platform mode

An entity carries its participation history across multiple organizations (multiple partners contributing events for the same linked entity). Used for humans, employees, contractors, and service agents that operate across institutional boundaries.

Cross-platform tier requires partner diversity (see above) in addition to event count and age.

AI agent vs service agent

AI agent in MIR's vocabulary refers specifically to an AI agent deployed within a single organization (intra-org only). It does not cross institutional boundaries.

Service agent refers to an AI-backed integration that operates across organizations (e.g., a vendor-provided AI that one company runs to act on behalf of another). Service agents are cross-platform.

This distinction matters because the trust mechanism differs: intra-org AI agents are governed by the org that deployed them; cross-platform service agents accumulate history across institutional boundaries.

Entities and actors

Entity

Anything MIR can track: humans, employees, contractors, AI agents, service accounts, or vendors. Identified by an external ID that the partner controls and submits with each event.

Actor

The entity performing an action in a policy evaluation. The actor's identifier is the external ID the partner uses on submitted events. The actor's type field is enumerated separately in three contexts -- see the next three entries.

actor.type on policy evaluation

In POST /v1/policy/evaluate, the request body's actor.type is one of two lowercase values:

• "human" -- the action is being requested by or on behalf of a human
• "service" -- the action is being requested by an AI agent, service account, or other non-human service

Note: there is no "agent" value here. AI agents and service accounts both use "service". Submitting "agent" will return a 400.

actorType on submitted events

In POST /v1/events, the optional actorType field is one of three uppercase values:

• HUMAN -- the event was produced by a human action
• AGENT -- the event was produced by an AI agent or service account
• UNKNOWN -- the producing actor is not known with certainty

This is different from the policy-evaluate request: events use AGENT (uppercase, three values); policy evaluate uses service (lowercase, two values).

actorType on audit log entries

In GET /v1/audit responses, the actorType field describes which class of identity performed the audited operation. One of five uppercase values:

• PARTNER -- API call from a partner organization (authenticated by API key)
• USER -- account-holder logged in via session
• ADMIN -- MIR operator
• SYSTEM -- automated MIR process
• AGENT -- AI agent or service account

This enumeration describes the actor that hit MIR's API, not the actor referenced by a submitted event or policy evaluation.

actorLabel

A human-readable label for the actor in the audit log. For PARTNER, this is the partner's organization name. For AGENT, this is the agent's display name. For USER and ADMIN, this field is omitted on purpose -- MIR's PII discipline forbids storing emails or names in metadata.

Partner

An organization that has signed up to submit events to MIR. Partners hold API keys and submit events for their entities. Partner records include subscription mode, billing terms, and status (FREE, PENDING, TRIAL, ACTIVE, etc.).

User (account-holder)

A human who has registered an account on the marketplace surface (mirregistry.org). Distinct from the entities tracked by partners. Users authenticate via magic link or passkey.

Scoped agent permissions

An AI agent or service account can be issued an API key with a restricted set of permissions: only specific endpoints, only specific event types, only specific resources. A spawned sub-agent inherits its parent's permissions and cannot escalate beyond them.

Spawn lineage

The chain of which agent kicked off which sub-agent. Recorded via the kickedOffBy field on each agent. Enterprise deployments require a human authorizer at the root of every lineage tree -- no agent acts on behalf of "no one."

Sandbox

An interactive test surface with a public API key. Events submitted in sandbox mode are marked with a sandbox flag, bypass Redis cache for live evaluation, do not count toward production tier, and are exempt from dormancy decay. Use sandbox to integrate and test without affecting real entities.

Events and data

Event

A structured record submitted by a partner via POST /v1/events, capturing something an entity did: a transaction completed, a review left, a sign-in, an agent action. Events have a type (one of MIR's recognized event types), an external entity ID, a timestamp, and optional weight. Free-form metadata is rejected by design.

Event weight

A multiplier on the event's contribution to tier calculation. Higher-value events (large transactions, longstanding subscriptions) carry more weight than routine events. Weight is bounded; partners cannot inflate weight arbitrarily.

Provisional event

An event recorded before account linking is complete. Provisional events count toward intra-org tier within the submitting partner but cannot port to cross-platform history until the entity's external ID is linked across partners.

Idempotency key

An optional header (Idempotency-Key) on event ingestion. MIR caches the response for 24 hours; resubmitting the same payload with the same key returns the cached result instead of creating a duplicate event. Required for agent endpoints.

SHA256-hashed external IDs

Every external entity ID a partner submits is stored as a SHA256 hash, not the raw value. MIR cannot recover the original identifier from the hash. This is the boundary that keeps subject-level PII out of MIR's substrate even when partners submit identifying values.

Claims

Claim

An attribution-layer record (chargeback, fraud allegation, policy violation, abuse report, suspension, identity dispute) submitted via POST /v1/claims. Claims are recorded but do not change tier. They surface in policy responses via claimStatus.

claimStatus

One of three values returned in every policy evaluation:

• clean -- no claims on record
• flagged -- one or more open claims, not contested
• contested -- one or more open claims, the entity (or another party) has formally disputed

MIR records the claim. The consuming system decides what the claim means for the action being authorized. A flagged status does not automatically deny; it surfaces to the consuming system as evidence to consider.

Claim types

The recognized claim types include chargeback, fraud, policy_violation, abuse, suspension, and identity_dispute. The set is enumerated by the API; consult /v1/policy/actions or the API reference for the current full list.

API and integration

API key

The credential a partner sends in the x-api-key header. Stored as SHA256 hash on MIR's side, never in plaintext. Partners receive their key when their application is approved. Agent keys may be scoped to specific endpoints and event types and may be rotated via POST /v1/agents/:id/key/rotate.

decision_correlation_id

An identifier that links a policy evaluation to all the artifacts produced by surrounding systems for the same decision (audit logs, downstream service records, external witnesses). The consuming system or upstream caller issues the ID; MIR persists it in the audit record so reviewers can stitch the full decision context across systems at audit time.

Audit log

The complete record of every consequential operation on MIR: event submissions, policy evaluations, agent operations, key rotations, admin actions. Queryable via GET /v1/audit and GET /v1/audit/:id. Each entry carries actorType, actorId, actorLabel, the action performed, the resource affected, the correlation ID, and timestamp.

Conformance endpoint

GET /v1/policy/decisions/conformance -- returns metrics that surface whether a partner is actually using MIR's recommendations or rubber-stamping them. Includes rubber_stamp_rate, latency thresholds, and minimum-reports requirements before the metric is computed.

Rubber-stamp pattern

When a partner receives a STEP_UP recommendation but overrides it within sub-50ms latency (faster than human review), the partner is treating MIR's recommendation as a checkbox rather than an input. The conformance endpoint surfaces this pattern so consuming organizations and reviewers can detect it independently.

Versioning

Endpoints are versioned under the /v1/ prefix. Breaking changes will be introduced under a new version prefix; existing version contracts are honored for the duration of partner contracts.

Architecture

Substrate

The layer of MIR that records events, computes tier, and produces audit artifacts. The substrate does not interpret claims, enforce decisions, or judge entities. It produces the evidence that the policy engine evaluates and that the consuming system acts on.

Deterministic, not ML

MIR uses no machine learning, no risk scores, no inference. Every tier assignment is computed from public threshold rules applied to a public event stream. A reviewer with no MIR access can re-derive any recommendation from the underlying records.

Neutral

MIR serves the entities it tracks, not just the organizations that submit events. Absence of history is not evidence of risk -- tier 0 means "no history yet," not "untrusted." MIR is infrastructure, not a platform.

No subject-level PII

External entity IDs are SHA256 hashed. Events carry no free-form metadata. Subject-level personal information cannot enter MIR's substrate even when partners submit identifying values. Operational PII (account-holder login emails, partner admin contacts) is stored separately and governed by the Data Processing Agreement.

Partner is responsible for identity integrity

MIR records what an identified entity did over time. MIR does not verify that the entity IS who it claims to be -- that is the partner's responsibility upstream of MIR. A compromised credential can produce events under a clean entity ID; MIR's substrate cannot detect this. The partner's identity-verification layer is the appropriate place to address it.